ALTER USER 'userName' IDENTIFIED BY 'password';
ALTER USER 'targetuser' LIKE 'sourceuser' EXCLUDE options;
‘userName’: The name of the existing user. Optionally, enclose in single quotes. If the logged in user is changing their own password, username can be omitted.
LIKE: Allows duplication of ‘sourceuser’ roles and privileges in ‘targetuser’ account. Requires COPY USER privilege. If used, this must precede any other commands.
IDENTIFIED BY ‘password’: Sets ‘password’ to access the account. Always enclose the password in single quotes.
VALUES GENERATE_PASSWORD: Generates a random character password. See GENERATE_PASSWORD
EMAIL ‘email@example.com’: the email address for the user account. Cirro sends a message to this user containing any of password, one time password link to QR code for Authenticator app setup, or two factor authentication link to Duo or Saaspass.
AUTHENTICATED BY method: Sets authentication method. Default is cirrootp (cirro one-time-password). Requires email address so user can receive account details.
OPTIONS (SECRET ‘HXDMVJECJJWSRB3HWIZR4IFUGFTMXBOZ’): A 32 character 160 bit number formatted using base 32. This is generated outside Cirro by the secure application of your choice.
WITHOUT options: exclude three options from any LIKE clause: DATABASE CREDENTIALS, ROLES or PRIVILEGES.
This statement may require system administrator permissions.
When using the LIKE command, this must precede any other commands.
Account with standard password
ALTER USER 'myUser1' IDENTIFIED BY 'p@sswOrd';
Account duplicating another with standard password, email address but no privileges
ALTER USER 'wecoyote' LIKE 'rrunner' EMAIL 'firstname.lastname@example.org' IDENTIFIED BY 'acme' WITHOUT PRIVILEGES